825bd7abac100fbc55072063db36037d_JaffaCakes118 | Triage

Sharing

General

Target

825bd7abac100fbc55072063db36037d_JaffaCakes118
Size

136KB
MD5

825bd7abac100fbc55072063db36037d
SHA1

873dff097d4026b2c8fef12827f5a0f9885c3e16
SHA256

3451a0cf47ff917672d62834aecd6b9329cef93e62390cb329d0e981e588734e
SHA512

acbcb2f8e6fe826a79295db1fbb840825b07fa80385c9868c2822b4b90f6563f9c323eeff5a78c69bcd36fbe1cb9bb9ec3d3826d14ad273f40928cf4d154f931
SSDEEP

3072:DqPhxrfYFwgIoNhjMaQIy65AqNsLh4GYI17:WpdYdPjL+6+4nGYIt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
825bd7abac100fbc55072063db36037d_JaffaCakes118

Files

825bd7abac100fbc55072063db36037d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf33c813c076e3a50a6a0d3c2effb1ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord593
ord598
ord709
ord632
ord526
DllFunctionCall
ord670
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord570
ord100
ord616
ord581

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ